The Beginning and End of the 519 Network Collective Paralysis - Latest Developments

by longersing on 2009-05-23 14:41:12

The Beginning and End of the May 19th Network-wide Collective Paralysis - Latest Developments

Published: May 23, 2009, 5:52:07 AM (LONGER, www.love2010.org)

DNSPod, the company responsible for the network failures experienced by users in six provinces, revealed to reporters yesterday that it is currently preparing materials to file a police report today to pursue legal responsibility for the major failure. According to the company's speculation, the culprit behind this network accident in six provinces was likely illegal private online game servers.

Starting at 21:50 on May 19, users in Jiangsu, Anhui, Guangxi, Hainan, Gansu, and Zhejiang provinces reported slow website access or inability to access sites. Wu Hongsheng, head of DNSPod, stated in an interview with reporters that this incident was, in a sense, a complete "butterfly effect."

It all possibly began with one private online game server using underhanded tactics to compete for players by attacking another private server. Unable to hack into their competitor's site, the hackers instead targeted the domain name, bombarding DNSPod's server. This caused China Telecom to detect abnormal inter-network traffic, triggering emergency mechanisms.

Unfortunately, the attacked DNS server was providing domain name resolution services for approximately 100,000 websites, including well-known sites like VeryCD, Chinese Webmasters, and 4399.com. The most famous and highest-traffic site among them was Storm Codec (Baidu). Simultaneous access requests from netizens to these 100,000 websites, led by Baidu, quickly turned into a disaster. Since Wu Hongsheng's DNS server had already collapsed, user requests were collectively redirected to China Telecom's DNS resolution server, which soon also failed. This effect gradually expanded, ultimately leading to the major "May 19" network paralysis across six southern provinces.

Therefore, the biggest culprit behind this incident was likely illegal private online game servers. According to informed sources, some private online game servers spend around 2-3 million yuan per month purchasing "zombie" computers infected with Trojan viruses. These infected computers are then used to attack competitors. This gray industry significantly affects China's network security.

Stone Xiaohong, a security expert at 360 Safe, told reporters: “This event has sounded an alarm for the cybersecurity industry and society as a whole. It can be said that today's internet is actually quite fragile. The entire network architecture dictates that once DNS servers have issues, the consequences can be extremely severe. Internet security levels urgently need improvement.”

Additionally, according to Wu Hongsheng, it will take another day or two for the domain name resolution services of these 100,000 websites to fully recover. However, what he is most worried about now is the potential compensation claims that many websites might make against his company in the future.